In the past we've spoken about the uses of RFID for tracking records in
libraries, office spaces, and warehouses and had some "fringe discussions"
about privacy and security issues related to the technology. Anyone
interested in the technology to a more serious degree may be interested in
reading this introduction:
http://www.nist.gov/public_affairs/releases/rfidsecurity.html
(snip)
The new NIST publication focuses on RFID applications for asset management,
tracking, matching, and process and supply chain control. Its list of
recommended practices for ensuring the security and privacy of RFID systems
includes:
- firewalls that separate RFID databases from an organization's other
databases and information technology (IT) systems;
- encryption of radio signals when feasible;
- authentication of approved users of RFID systems;
- shielding RFID tags or tag reading areas with metal screens or films
to prevent unauthorized access;
- audit procedures, logging and time stamping to help in detecting
security breaches; and
- tag disposal and recycling procedures that permanently disable or
destroy sensitive data.
The full report is available here (158 pages)
http://csrc.nist.gov/publications/nistpubs/800-98/SP800-98_RFID-2007.pdf
Larry
--
Larry Medina
Danville, CA
RIM Professional since 1972
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance